Dutch EDRi member Bits of Freedom is diligently watching a set of broad tendencies, such as the dominant positions of a handful of tech giants, the Internet of Things, and the idea that technology cannot be neutral. Bits of Freedom is also working hard to prevent the occurrence of a number of very real threats to your internet freedom. Here’s an update on three topics currently debated in the Netherlands.

The dragnet for the Dutch secret service

On 2 July 2015, Minister of the Interior Ronald Plasterk published a bill for a new Intelligence and Security Services Act. This bill will give the most far-reaching power to the intelligence and security services to tap citizens’ communications, not only listen to their telephone conversations, but also to monitor chat and email messages, as well as the websites visited. It’s true that the current Intelligence and Security Services Act already allows the security services to tap specific individuals for monitoring purposes, but the new law would allow them to collect such data in bulk. This way innocent people would end up in the dragnet, too.

Another problem concerning this bill is that the exchange of data with foreign security services will not be limited. This means that the data collected can be handed over to other intelligence and security services without the Dutch security service even knowing the content of the dataset they provide.

Finally, there’s no independent, legally binding oversight. If the oversight committee concludes that the minister has unjustly allowed the application of such a dragnet, the minister can simply overrule the oversight committee, he can only be held accountable by Parliament. Oversight over intelligence and security services should not be left to politicians, because this gives politicians power without any counterbalancing transparency or accountability.

Reintroduction of data retention law

On 11 March 2015, the Dutch data retention law was thwarted by a ruling of the District Court of The Hague. Under that law, everybody’s location and communication behaviour would have been stored for up to a year, which would have had a massive impact on our freedom. Unfortunately the minister of Security and Justice, Ard Van der Steur, has already indicated that he will introduce a new data retention bill.

Hacking Criminal Investigation Departments

Van der Steur also wishes to grant the Dutch law enforcement the power to hack citizens’ computers and other device, such as tablets and smartphones. Ironically this will only make the Dutch internet user more unsafe. Imagine the police has the ability to enter a suspect’s Outlook via a existing vulnerability in the software. The police would then want that vulnerability to remain open a little longer, rather than getting it fixed as soon as possible. Unfortunately, the police isn’t the only party that can use this vulnerability to get access. So that will mean that all other Outlook users are vulnerable to cyber criminals too.